public static function moveApplications()
{
RecruiterController::requireLogin();
global $params;
$selected = MongoIdArray($params['selected']);
$to = $params['to'];
$recruiterId = $_SESSION['_id'];
// Make sure all selected are owned.
foreach ($selected as $applicationId) {
if (!ApplicationModel::isOwned($recruiterId, $applicationId)) {
echo toJSON(['error' => 'permission denied']);
return;
}
}
// Mark new status.
foreach ($selected as $applicationId) {
ApplicationStudent::changeStatus($applicationId, $to);
}
return self::ajaxSuccess();
}
